| |
| |
Preface | |
| |
| |
Studying the Battleground | |
| |
| |
| |
Computer Architecture and Operating System Review | |
| |
| |
Understanding the Internals of Your Computer | |
| |
| |
Size Matters | |
| |
| |
The Hard Drive | |
| |
| |
RAM | |
| |
| |
The Processor (CPU) | |
| |
| |
Cache | |
| |
| |
The Motherboard | |
| |
| |
Bus Speed/Size | |
| |
| |
The Modem | |
| |
| |
The Network Interface Card | |
| |
| |
Serial and Parallel Ports | |
| |
| |
Summary of the Computer versus Library Analogy | |
| |
| |
The Modem in Detail | |
| |
| |
Operating Systems and Internet Security | |
| |
| |
Windows 95/98/ME | |
| |
| |
Windows NT/2000/XP | |
| |
| |
Linux | |
| |
| |
Other UNIX-Based Operating Systems and Macs | |
| |
| |
Windows CE | |
| |
| |
Summary | |
| |
| |
| |
Understanding the Internet | |
| |
| |
A Little Byte of History | |
| |
| |
The Internet Service Provider | |
| |
| |
What Is an ISP? | |
| |
| |
POPs | |
| |
| |
ISP Logging | |
| |
| |
Proxy ISPs | |
| |
| |
Web Addressing Explained | |
| |
| |
URIs | |
| |
| |
URNs | |
| |
| |
URC | |
| |
| |
URLs | |
| |
| |
Internet Protocols | |
| |
| |
http | |
| |
| |
https | |
| |
| |
ftp | |
| |
| |
Other Protocols | |
| |
| |
Breaking Down the URL | |
| |
| |
The Internet Protocol Address | |
| |
| |
Domain Name Servers | |
| |
| |
URL Abuse | |
| |
| |
Web Pages: Inside and Out | |
| |
| |
Web Servers | |
| |
| |
HTML | |
| |
| |
Scripting and Codes | |
| |
| |
Malicious Coding | |
| |
| |
| |
TCP/IP | |
| |
| |
A Computer: A House | |
| |
| |
Your Computer Ports: Your Doors and Windows | |
| |
| |
Roads and Highways: The Internet | |
| |
| |
TCP/IP: An Overview | |
| |
| |
TCP/IP: Driving Rules | |
| |
| |
CEO Analogy | |
| |
| |
TCP/IP: The Gory Details | |
| |
| |
Packets | |
| |
| |
Layers | |
| |
| |
TCP/IP Handshaking | |
| |
| |
Knowing the Enemy | |
| |
| |
| |
Know Your Enemy | |
| |
| |
The Hacker versus the Cracker | |
| |
| |
The Script Kiddie | |
| |
| |
The Phreaker | |
| |
| |
Ethical versus Unethical Hackers | |
| |
| |
Global Hackers | |
| |
| |
| |
Hacking Techniques for Unauthorized Access | |
| |
| |
WetWare | |
| |
| |
Social Engineering | |
| |
| |
Social Spying | |
| |
| |
Garbage Collecting | |
| |
| |
Sniffing | |
| |
| |
What is Sniffing? | |
| |
| |
How Does a Sniffer Work? | |
| |
| |
How Hackers Use Sniffers | |
| |
| |
How Can I Block Sniffers? | |
| |
| |
How to Detect a Sniffer | |
| |
| |
Spoofing and Session Hijacking | |
| |
| |
An Example of Spoofing | |
| |
| |
Buffer Overflows | |
| |
| |
Character Manipulation and Unexpected Input Exploits | |
| |
| |
The Normal Search Engine Process | |
| |
| |
The Hacked Search Engine Process | |
| |
| |
Exploiting Web Forms | |
| |
| |
| |
Hacking Techniques for Attacks | |
| |
| |
SYN Flooding | |
| |
| |
Smurf Attacks | |
| |
| |
System Overloads | |
| |
| |
DNS Spoofing | |
| |
| |
| |
Walk-Through of a Hacker Attack | |
| |
| |
The Goal Stage | |
| |
| |
Walk-Through of a Hack | |
| |
| |
Information Gathering | |
| |
| |
Planning | |
| |
| |
Execution | |
| |
| |
Clean Up | |
| |
| |
Planning the Defense | |
| |
| |
| |
Building Your Defense Strategy | |
| |
| |
Fortifying Your Defenses | |
| |
| |
Virus/Trojan Protection | |
| |
| |
Virus Scanners | |
| |
| |
Trojan Scanners | |
| |
| |
Firewalls | |
| |
| |
Hardware Firewalls | |
| |
| |
Software Firewalls | |
| |
| |
Hardware/Software Combination Firewalls | |
| |
| |
Which Firewall is Best for You? | |
| |
| |
Restricting Access by IP | |
| |
| |
Restricting Access by Port (Service) | |
| |
| |
Restricting Access by Protocol | |
| |
| |
Restricting Access by Keyword | |
| |
| |
Restricting Access by Application | |
| |
| |
Encryption | |
| |
| |
Encryption Details | |
| |
| |
Symmetric Encryption | |
| |
| |
Asymmetric Encryption | |
| |
| |
Putting Different Types of Encryption to the Test | |
| |
| |
Origin Verification | |
| |
| |
Secure Sockets Layer | |
| |
| |
Virtual Private Network | |
| |
| |
Disadvantages of Encryption | |
| |
| |
What Encryption Does Not Do | |
| |
| |
Recovery | |
| |
| |
Summary | |
| |
| |
| |
Personal Firewalls and Intrusion Detection Systems | |
| |
| |
Do Personal Firewalls Really Work? | |
| |
| |
The Fallacy of "Laying Low" | |
| |
| |
Why Do I Need a Personal Firewall? | |
| |
| |
McAfee Personal Firewall | |
| |
| |
Norton Personal Firewall | |
| |
| |
BlackICE Defender | |
| |
| |
ZoneAlarm | |
| |
| |
Intrusion Detection Systems | |
| |
| |
Honeypots | |
| |
| |
| |
Stop Sharing Your Computer | |
| |
| |
Network Shares | |
| |
| |
Password-Protecting Shares on Windows 95/98/ME | |
| |
| |
Removing Shares on Windows 95/98/ME | |
| |
| |
Removing Shares on Windows NT/2000/XP | |
| |
| |
| |
E-Commerce Security Overview | |
| |
| |
Thwarting E-Criminals | |
| |
| |
Who is the Real Criminal? | |
| |
| |
Stolen Goods Online | |
| |
| |
Secure Transactions | |
| |
| |
| |
Mastering Network Tools | |
| |
| |
MS-DOS | |
| |
| |
NETSTAT | |
| |
| |
Ping | |
| |
| |
TRACERT | |
| |
| |
NBTSTAT | |
| |
| |
NETVIEW | |
| |
| |
NET USE | |
| |
| |
Password Crackers | |
| |
| |
| |
Viruses, Worms, and Trojan Horses | |
| |
| |
Viruses | |
| |
| |
A Virus Defined | |
| |
| |
MBR Virus | |
| |
| |
Macro Virus | |
| |
| |
File Infectors | |
| |
| |
Combination Viruses | |
| |
| |
Worms | |
| |
| |
Virus and Worm Prevention | |
| |
| |
I've Been Infected! Now What? | |
| |
| |
Trojans | |
| |
| |
How a Trojan Works | |
| |
| |
The Backdoor Blues | |
| |
| |
Detecting and Removing Trojans | |
| |
| |
Hostile Web Pages and Scripting | |
| |
| |
| |
Malicious Code | |
| |
| |
Programming Languages | |
| |
| |
Low-Level Languages | |
| |
| |
High-Level Languages | |
| |
| |
Scripting Languages | |
| |
| |
Programming Concepts | |
| |
| |
Program Parts | |
| |
| |
Malicious Client-Side Scripting | |
| |
| |
Denial of Service Scripts | |
| |
| |
Intrusive Access Scripts | |
| |
| |
Malicious Server-Side Scripting | |
| |
| |
PHP | |
| |
| |
ASP | |
| |
| |
Perl | |
| |
| |
The Virus/Worm | |
| |
| |
An Example of Viral Code | |
| |
| |
Moving With Stealth | |
| |
| |
| |
Privacy and Anonymity | |
| |
| |
Cookies | |
| |
| |
Cookie #1 | |
| |
| |
Cookie #2 | |
| |
| |
Cookie #3 | |
| |
| |
Unpleasant Cookies | |
| |
| |
Cookie #1 | |
| |
| |
Cookie #2 | |
| |
| |
Controlling Those Cookies | |
| |
| |
Your Online Identity | |
| |
| |
Registration Requests and Unique IDs | |
| |
| |
Online Identification | |
| |
| |
Hardware IDs | |
| |
| |
Spyware in the Workplace | |
| |
| |
Chat Programs | |
| |
| |
Proxies and Anonymity | |
| |
| |
Browser Caching | |
| |
| |
| |
Big Brother is Watching You | |
| |
| |
Email Spying | |
| |
| |
Keeping Your Email Private | |
| |
| |
Web Page Monitoring | |
| |
| |
Defeating Corporate Web Filters | |
| |
| |
Chat Program Monitoring | |
| |
| |
Keep Your Chats Private | |
| |
| |
Spyware | |
| |
| |
Spying on the Employee | |
| |
| |
Spying on the Consumer | |
| |
| |
Spying on the Family | |
| |
| |
Government Spyware | |
| |
| |
Commentary: Ethics and Privacy | |
| |
| |
Future Trends | |
| |
| |
| |
Windows XP: New Security Features | |
| |
| |
The Microsoft Internet Connection Firewall | |
| |
| |
Windows XP Wireless Security | |
| |
| |
802.1x--Port-Based Network Access Control | |
| |
| |
New Windows XP Wireless Features | |
| |
| |
Microsoft's XP Hacker Test | |
| |
| |
Test Site Description | |
| |
| |
File Encryption and User Control | |
| |
| |
| |
Future Security Threats | |
| |
| |
Mobile Computing | |
| |
| |
Wireless Network Hacking | |
| |
| |
Automated Hacking | |
| |
| |
Advanced Topics | |
| |
| |
| |
Registry Editing | |
| |
| |
Introduction to Registry Editing | |
| |
| |
Purpose of the Registry | |
| |
| |
Parts of the Registry | |
| |
| |
Using the Registry | |
| |
| |
Backing Up the Registry | |
| |
| |
Restoring the Registry | |
| |
| |
Manipulating Registry Keys | |
| |
| |
| |
Disaster Recovery | |
| |
| |
Creating a Boot Disk | |
| |
| |
Down but Not Out (Computer is Infected, but Still Functioning) | |
| |
| |
Down and Out (Computer is Inoperable) | |
| |
| |
Using FDISK/Format | |
| |
| |
| |
Common Trojan Ports | |
| |
| |
Miscellaneous | |
| |
| |
| |
Annotated Bibliography | |
| |
| |
On the Web | |
| |
| |
Books | |
| |
| |
Internet Search | |
| |
| |
Hacking/Security Conferences | |
| |
| |
Glossary | |
| |
| |
Index | |